Hi Dan, how about making your "magic" password split say on the first 5 characters (internally) and use it for user-id and the remaining part as password? Regards Tino --On Montag, 25. November 2002 11:10 -0800 Dan Shafer <dan@danshafer.com> wrote:
I have painted myself into a nifty corner.
My client's site is protected at the root by an acl folder. Those who are not in the acl folder have view privileges only. This works fine.
I just added a new feature to my client's site. He wants this capability available to anyone to whom he gives a specific password. I wrote a Python script that generates the password and a page for my client to auto-generate a new random password and to see what the current password is. This works fine as well.
The problem is, since I'm not even asking people for a user name here, only a password, and since the site is protected from access via the acl folder, his clients can't get past the password screen because the acl logic presents a challenge for a user name and password which, of course, these folks don't have.
It occurred to me at one point that I could define an acl user called, e.g., "client" and then perhaps revise the Python script so that instead of storing the newly generated password in a DTML document, it would update the password property for that user in the acl folder. But it wasn't very obvious to me how to do that. And while I don't *mind* having them have to type in a generic user name, it's more elegant if they don't have to do so.
What's the easiest way to address this issue? I looked through a year's worth of email digests and I searched zope.org, but I couldn't find an answer.
Thanks.
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )